1. Field of Use
The present invention relates to data processing systems, and more particularly to input/output systems required to control input/output data transfer operations involving a number of peripheral units.
2. Prior Art
In general, many systems have provided for limiting the access of a various subsystems to specific portions of processing system's memory. For example, it is necessary in multiprogramming environments to ensure that a supervisory or executive program is not inadvertently disturbed or accessed by a user or slave program. An example of one type of system may be found in U.S. Pat. No. 3,473,159 to H. N. Cantrel et al. For the most part, these types of systems have been concerned with protecting memory from accesses which would result in the inadvertent destruction of valuable program and data.
Other types of systems, in particular time sharing systems, have found it necessary to provide for protecting data and programs from destruction in addition to securing them against improper use and disclosure. A system which provides for such security is discussed in an article titled "Introduction and Overview of the Multics System" authored by Corbato and Vyssotsky which was published in the Proceedings of the Fall Joint Computer Conference, 1965. In general, this type of system as well as subsequently developed systems have primarily relied upon the "operating system software" to insure system security. While systems of these types provide a high degree of security, the systems are considerably sophisticated and costly. Furthermore, in some such systems, it may still be possible for a user program through existing flaws in input/output routines to gain access to a file system which forms part of the system's data base thereby rendering the overall system insecure.
Additionally, the above mentioned types of systems have been primarily concerned with providing all security utilizing basic facilities included within the operating system or as part of the data management facilities. To ensure the security of the input/output portion of a system, "passwords", cryptographic and scrambling techniques have been employed. While some of these techniques provide significant protection, in certain instances, they may be found unacceptable for input/output data processing because of delays in processing and in access.
Accordingly, it is a primary object of the present invention to provide an input/output processing system which protects against unauthorized access to peripheral devices and/or controllers of the system.
It is a further object of the present invention to provide a system which automatically prevents unauthorized access to files provided by the peripheral devices of an input/output system with a minimum increase in the apparatus of the system.
It is still a further object of the present invention to provide apparatus included within an input/output processing system for insuring that user programs executed by the input/output system only access input/output storage devices to which they are allowed access.